On Wed, 2 Dec 2015, RW wrote:
On Tue, 1 Dec 2015 14:57:14 -0800 (PST)
John Hardin wrote:
I don't think this is a problem in base SA, it sounds more like a
problem in the packaging addon code provided by RH/Centos.
It does sound like that might have been exposed by a SA regression:
https://bz.apache.org/SpamAssassin/show_bug.cgi?id=4941
Do you mean that in combination with bug 6655 as Filippo speculated?
I think I was too quick to suggest that this wasn't an issue in base SA,
apologies.
Filippo's timeline:
2. verify everything it's working, SA runs with default rules from /usr/share
3. change ip address to match customer network, leave system on
4. during the night, sa-update runs, leave rules dir empty
...indicates that sa-update *is* deleting good rules if the Internet is
inaccessible, so there seems to be two issues here: a bug in sa-update
that deletes good rules, and a bug in the RH/Centos cron job that keeps
the system from recovering from that when the network comes back.
Can else anyone confirm this in base (non-RH/Centos) SA? I'm not really in
a position to do so right now.
--
John Hardin KA7OHZ http://www.impsec.org/~jhardin/
[email protected] FALaholic #11174 pgpk -a [email protected]
key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79
-----------------------------------------------------------------------
Rights can only ever be individual, which means that you cannot
gain a right by joining a mob, no matter how shiny the issued
badges are, or how many of your neighbors are part of it. -- Marko
-----------------------------------------------------------------------
14 days until Bill of Rights day
